Replay attacks use a simple method of exploiting a captured packet and retransmitting that traffic to cause unexpected results by hijacking the traffic and transmitting it at a later time. Even if the communication medium is protected with encryption and strong authentication, if the receiver cannot detect the freshness of a packet or control message, the attack is deemed successful. A major concern in any key management protocol is if the packets or messages carrying the policies or keying material is delayed or captured and replayed after a few seconds, then the Security Associations are installed with incorrect lifetimes. This would result in dropping of data traffic. Thus, the ability for key management protocols to detect such delay and replayed packets and messages would improve protocols which carry time sensitive information.
These shortcomings may be solved by detecting delayed and replayed packets and messages on the control plane by adding pseudotime information to key management exchange packets. Incorporating the ability to detect delayed and replayed packets and messages in the key management protocol helps to mitigate attacks on these protocols.